The sslmodule in Python 2.6 supports up to TLS 1.0 only. If you do not wish to introduce additional dependencies (such as pyOpenSSL as you suggest) you will need to upgrade to Python 2.7 or 3.x to get support for newer versions of TLS.

sslPython 2.6 中的模块最多仅支持 TLS 1.0。如果您不想引入额外的依赖项（例如您建议的 pyOpenSSL），您将需要升级到 Python 2.7 或 3.x 以获得对新版本 TLS 的支持。

To force a particular version of TLS in Python 2.7.9 or later, construct an SSLContextwith the appropriate PROTOCOL_*constant. You can then use it with any API that lets you provide your own SSLContext.

要强制TLS的特定版本中的Python 2.7.9或更高，构造一个SSLContext与适当的PROTOCOL_*恒定。然后，您可以将它与任何允许您提供自己的SSLContext.

import ssl
import urllib2

ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
# set other SSLContext options you might need
response = urllib2.urlopen(url, context=ctx)

To use a particular protocol version or higher(including future versions), use ssl.PROTOCOL_SSLv23and then disable the protocol versions you do not want to use:

要使用特定协议版本或更高版本（包括未来版本），请使用ssl.PROTOCOL_SSLv23然后禁用您不想使用的协议版本：

ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)

# allow TLS 1.2 and later
ctx.options |= ssl.OP_NO_SSLv2
ctx.options |= ssl.OP_NO_SSLv3
ctx.options |= ssl.OP_NO_TLSv1
ctx.options |= ssl.OP_NO_TLSv1_1

As for using a custom SSLContextwith Requests in order to force a particular protocol version, according to the documentationthere does not seem to be a way to do this, see the following example from the docs.

至于使用自定义SSLContext请求来强制特定协议版本，根据文档，似乎没有办法做到这一点，请参阅文档中的以下示例。

If upgrading the code isn't an option, you should be able to proxy your connection using a squid server or nginx. Here's a squid "bump" method example:

如果升级代码不是一种选择，您应该能够使用鱿鱼服务器或 nginx 代理您的连接。这是一个鱿鱼“凹凸”方法示例：

Can I use Squid to upgrade client TLS connections?

我可以使用 Squid 升级客户端 TLS 连接吗？

Another option is to keep the proxy but rewrite the URL (http to https) and have your application send requests to http (seems odd but works if implemented right).

另一种选择是保留代理，但重写 URL（http 到 https）并让您的应用程序向 http 发送请求（看起来很奇怪，但如果实施得当就可以工作）。